Stowage/pycryptodome
2
0
Fork 0
mirror of https://github.com/Legrandin/pycryptodome.git synced 2025-12-08 05:19:46 +00:00
Code Issues Projects Releases Packages Wiki Activity

Export ECC private keys

Browse source
This commit is contained in:
Legrandin 2016-01-27 08:44:43 +01:00
parent c7b491de3f
commit c67b7a1752
25 changed files with 379 additions and 49 deletions
Download patch file Download diff file Expand all files Collapse all files

2
lib/Crypto/IO/PEM.py
View file

@ -157,7 +157,7 @@ def decode(pem_data, passphrase=None):
key = PBKDF1(passphrase, salt[:8], 16, 1, MD5)
objdec = AES.new(key, AES.MODE_CBC, salt)
else:
raise ValueError("Unsupport PEM encryption algorithm.")
raise ValueError("Unsupport PEM encryption algorithm (%s)." % algo)
lines = lines[2:]
else:
objdec = None

4
lib/Crypto/Protocol/KDF.py
View file

@ -86,8 +86,8 @@ def PBKDF1(password, salt, dkLen, count=1000, hashAlgo=None):
digest = pHash.digest_size
if dkLen>digest:
raise TypeError("Selected hash algorithm has a too short digest (%d bytes)." % digest)
if len(salt)!=8:
raise ValueError("Salt is not 8 bytes long.")
if len(salt) != 8:
raise ValueError("Salt is not 8 bytes long (%d bytes instead)." % len(salt))
for i in xrange(count-1):
pHash = pHash.new(pHash.digest())
return pHash.digest()[:dkLen]

145
lib/Crypto/PublicKey/ECC.py
View file

@ -31,7 +31,7 @@
import struct
import binascii
from Crypto.Util.py3compat import bord, tobytes, b, tostr
from Crypto.Util.py3compat import bord, tobytes, b, tostr, bchr
from Crypto.Math.Numbers import Integer
from Crypto.Random import get_random_bytes
@ -40,6 +40,7 @@ from Crypto.Util.asn1 import (DerObjectId, DerOctetString, DerSequence,
from Crypto.IO import PKCS8, PEM
from Crypto.PublicKey import (_expand_subject_public_key_info,
_create_subject_public_key_info,
_extract_subject_public_key_info)
@ -321,6 +322,148 @@ class EccKey(object):
def public_key(self):
return EccKey(curve="P-256", point=self.pointQ)
def _export_subjectPublicKeyInfo(self):
# Uncompressed form
order_bytes = _curve.order.size_in_bytes()
public_key = (bchr(4) +
self.pointQ.x.to_bytes(order_bytes) +
self.pointQ.y.to_bytes(order_bytes))
unrestricted_oid = "1.2.840.10045.2.1"
return _create_subject_public_key_info(unrestricted_oid,
public_key,
DerObjectId(_curve.oid))
def _export_private_der(self, include_ec_params=True):
assert self.has_private()
# ECPrivateKey ::= SEQUENCE {
# version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
# privateKey OCTET STRING,
# parameters [0] ECParameters {{ NamedCurve }} OPTIONAL,
# publicKey [1] BIT STRING OPTIONAL
# }
# Public key - uncompressed form
order_bytes = _curve.order.size_in_bytes()
public_key = (bchr(4) +
self.pointQ.x.to_bytes(order_bytes) +
self.pointQ.y.to_bytes(order_bytes))
seq = [1,
DerOctetString(self.d.to_bytes(order_bytes)),
DerObjectId(_curve.oid, explicit=0),
DerBitString(public_key, explicit=1)]
if not include_ec_params:
del seq[2]
return DerSequence(seq).encode()
def _export_pkcs8(self, **kwargs):
if kwargs.get('passphrase', None) is not None and 'protection' not in kwargs:
raise ValueError("At least the 'protection' parameter should be present")
unrestricted_oid = "1.2.840.10045.2.1"
private_key = self._export_private_der(include_ec_params=False)
result = PKCS8.wrap(private_key,
unrestricted_oid,
key_params=DerObjectId(_curve.oid),
**kwargs)
return result
def _export_public_pem(self):
encoded_der = self._export_subjectPublicKeyInfo()
return PEM.encode(encoded_der, "PUBLIC KEY")
def _export_private_pem(self, passphrase):
encoded_der = self._export_private_der()
return PEM.encode(encoded_der, "EC PRIVATE KEY", passphrase)
def _export_private_clear_pkcs8_in_clear_pem(self):
encoded_der = self._export_pkcs8()
return PEM.encode(encoded_der, "PRIVATE KEY")
def _export_private_encrypted_pkcs8_in_clear_pem(self, passphrase, **kwargs):
assert passphrase
if 'protection' not in kwargs:
raise ValueError("At least the 'protection' parameter should be present")
encoded_der = self._export_pkcs8(passphrase=passphrase, **kwargs)
return PEM.encode(encoded_der, "ENCRYPTED PRIVATE KEY")
def export_key(self, **kwargs):
"""Export this ECC key.
:Keywords:
format : string
The format to use for wrapping the key:
- *'DER'*. The key will be encoded in an ASN.1 `DER`_ stucture (binary).
- *'PEM'*. The key will be encoded in a `PEM`_ envelope (ASCII).
passphrase : byte string or string
The passphrase to use for protecting the private key.
*If not provided, the private key will remain in clear form!*
use_pkcs8 : boolean
In case of a private key, whether the `PKCS#8`_ representation
should be (internally) used. By default it will.
Not using PKCS#8 when exporting a private key in
password-protected PEM form means that the much weaker and
unflexible `PEM encryption`_ mechanism will be used.
Using PKCS#8 is therefore always recommended.
protection : string
In case of a private key being exported with password-protection
and PKCS#8 (both ``DER`` and ``PEM``), this parameter MUST be
present and be a valid algorithm supported by `Crypto.IO.PKCS8`.
It is recommended to use ``PBKDF2WithHMAC-SHA1AndAES128-CBC``.
In case of a private key being exported with password-protection
and PKCS#8 (both ``DER`` and ``PEM``), all additional parameters
will be passed to `Crypto.IO.PKCS8`.
.. _DER: http://www.ietf.org/rfc/rfc5915.txt
.. _PEM: http://www.ietf.org/rfc/rfc1421.txt
.. _`PEM encryption`: http://www.ietf.org/rfc/rfc1423.txt
.. _PKCS#8: http://www.ietf.org/rfc/rfc5208.txt
:Return: A string (for PEM) or a byte string (for DER) with the encoded key.
"""
args = kwargs.copy()
ext_format = args.pop("format")
if ext_format not in ("PEM", "DER"):
raise ValueError("Unknown format '%s'" % ext_format)
if self.has_private():
passphrase = args.pop("passphrase", None)
if isinstance(passphrase, basestring):
passphrase = tobytes(passphrase)
use_pkcs8 = args.pop("use_pkcs8", True)
if ext_format == "PEM":
if use_pkcs8:
if passphrase:
return self._export_private_encrypted_pkcs8_in_clear_pem(passphrase, **args)
else:
return self._export_private_clear_pkcs8_in_clear_pem()
else:
return self._export_private_pem(passphrase)
else:
# DER
if passphrase and not use_pkcs8:
raise ValueError("Private keys can only be encrpyted with DER using PKCS#8")
if use_pkcs8:
return self._export_pkcs8(passphrase=passphrase, **args)
else:
return self._export_private_der()
else: # Public key
if ext_format == "PEM":
return self._export_public_pem()
else:
return self._export_subjectPublicKeyInfo()
def generate(**kwargs):
"""Generate a new private key on the given curve.

3
lib/Crypto/SelfTest/PublicKey/__init__.py
View file

@ -40,6 +40,9 @@ def get_tests(config={}):
from Crypto.SelfTest.PublicKey import test_import_RSA
tests += test_import_RSA.get_tests(config=config)
from Crypto.SelfTest.PublicKey import test_import_ECC
tests += test_import_ECC.get_tests(config=config)
from Crypto.SelfTest.PublicKey import test_ElGamal; tests += test_ElGamal.get_tests(config=config)
return tests

151
lib/Crypto/SelfTest/PublicKey/test_import_ECC.py
View file

@ -36,15 +36,14 @@ from Crypto.Util.number import bytes_to_long
from Crypto.PublicKey import ECC
def load_file(filename):
def load_file(filename, mode="rb"):
fd = open(pycryptodome_filename([
"Crypto",
"SelfTest",
"PublicKey",
"test_vectors",
"ECC",
], filename), "rb")
], filename), mode)
return fd.read()
@ -104,7 +103,13 @@ class TestImport(unittest.TestCase):
key = ECC.import_key(key_file)
self.assertEqual(ref_private, key)
def test_import_private_pkcs8_encrypted(self):
def test_import_private_pkcs8_in_pem_clear(self):
key_file = load_file("ecc_p256_private_p8_clear.pem")
key = ECC.import_key(key_file)
self.assertEqual(ref_private, key)
def test_import_private_pkcs8_encrypted_1(self):
key_file = load_file("ecc_p256_private_p8.der")
key = ECC._import_der(key_file, "secret")
@ -113,6 +118,12 @@ class TestImport(unittest.TestCase):
key = ECC.import_key(key_file, "secret")
self.assertEqual(ref_private, key)
def test_import_private_pkcs8_encrypted_2(self):
key_file = load_file("ecc_p256_private_p8.pem")
key = ECC.import_key(key_file, "secret")
self.assertEqual(ref_private, key)
def test_import_x509_der(self):
key_file = load_file("ecc_p256_x509.der")
@ -135,7 +146,8 @@ class TestImport(unittest.TestCase):
self.assertEqual(ref_private, key)
def test_import_private_pem_encrypted(self):
key_file = load_file("ecc_p256_private_enc.pem")
for algo in "des3", : # TODO: , "aes128", "aes192", "aes256_gcm":
key_file = load_file("ecc_p256_private_enc_%s.pem" % algo)
key = ECC.import_key(key_file, "secret")
self.assertEqual(ref_private, key)
@ -159,9 +171,138 @@ class TestImport(unittest.TestCase):
self.assertEqual(ref_public, key)
class TestExport(unittest.TestCase):
def test_export_public_der(self):
key_file = load_file("ecc_p256_public.der")
encoded = ref_public._export_subjectPublicKeyInfo()
self.assertEqual(key_file, encoded)
# ---
encoded = ref_public.export_key(format="DER")
self.assertEqual(key_file, encoded)
def test_export_private_der(self):
key_file = load_file("ecc_p256_private.der")
encoded = ref_private._export_private_der()
self.assertEqual(key_file, encoded)
# ---
encoded = ref_private.export_key(format="DER", use_pkcs8=False)
self.assertEqual(key_file, encoded)
def test_export_private_pkcs8_clear(self):
key_file = load_file("ecc_p256_private_p8_clear.der")
encoded = ref_private._export_pkcs8()
self.assertEqual(key_file, encoded)
# ---
encoded = ref_private.export_key(format="DER")
self.assertEqual(key_file, encoded)
def test_export_private_pkcs8_encrypted(self):
encoded = ref_private._export_pkcs8(passphrase="secret",
protection="PBKDF2WithHMAC-SHA1AndAES128-CBC")
# This should prove that the output is password-protected
self.assertRaises(ValueError, ECC._import_pkcs8, encoded, None)
decoded = ECC._import_pkcs8(encoded, "secret")
self.assertEqual(ref_private, decoded)
# ---
encoded = ref_private.export_key(format="DER",
passphrase="secret",
protection="PBKDF2WithHMAC-SHA1AndAES128-CBC")
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(ref_private, decoded)
def test_export_public_pem(self):
key_file = load_file("ecc_p256_public.pem", "rt").strip()
encoded = ref_private._export_public_pem()
self.assertEqual(key_file, encoded)
# ---
encoded = ref_public.export_key(format="PEM")
self.assertEqual(key_file, encoded)
def test_export_private_pem_clear(self):
key_file = load_file("ecc_p256_private.pem", "rt").strip()
encoded = ref_private._export_private_pem(None)
self.assertEqual(key_file, encoded)
# ---
encoded = ref_private.export_key(format="PEM", use_pkcs8=False)
self.assertEqual(key_file, encoded)
def test_export_private_pem_encrypted(self):
encoded = ref_private._export_private_pem(passphrase=b("secret"))
# This should prove that the output is password-protected
self.assertRaises(ValueError, ECC.import_key, encoded)
assert "EC PRIVATE KEY" in encoded
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(ref_private, decoded)
# ---
encoded = ref_private.export_key(format="PEM",
passphrase="secret",
use_pkcs8=False)
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(ref_private, decoded)
def test_export_private_pkcs8_and_pem_1(self):
# PKCS8 inside PEM with both unencrypted
key_file = load_file("ecc_p256_private_p8_clear.pem", "rt").strip()
encoded = ref_private._export_private_clear_pkcs8_in_clear_pem()
self.assertEqual(key_file, encoded)
# ---
encoded = ref_private.export_key(format="PEM")
self.assertEqual(key_file, encoded)
def test_export_private_pkcs8_and_pem_2(self):
# PKCS8 inside PEM with PKCS8 encryption
encoded = ref_private._export_private_encrypted_pkcs8_in_clear_pem("secret",
protection="PBKDF2WithHMAC-SHA1AndAES128-CBC")
# This should prove that the output is password-protected
self.assertRaises(ValueError, ECC.import_key, encoded)
assert "ENCRYPTED PRIVATE KEY" in encoded
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(ref_private, decoded)
# ---
encoded = ref_private.export_key(format="PEM",
passphrase="secret",
protection="PBKDF2WithHMAC-SHA1AndAES128-CBC")
decoded = ECC.import_key(encoded, "secret")
self.assertEqual(ref_private, decoded)
def get_tests(config={}):
tests = []
tests += list_test_cases(TestImport)
tests += list_test_cases(TestExport)
return tests
if __name__ == '__main__':

23
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256.txt
View file

@ -1,17 +1,18 @@
Private-Key: (256 bit)
priv:
45:9d:80:12:e6:e6:f8:04:48:d0:4e:cd:ef:aa:a9:
0d:9a:0d:60:d1:0f:a7:06:58:60:b6:ac:e3:89:10:
b0:0e
5c:4e:43:20:ef:26:0f:91:ed:9f:c5:97:ae:e9:8c:
82:36:b6:0e:0c:ed:69:2c:c7:a0:57:d5:e4:57:98:
a0:52
pub:
04:52:b6:00:8e:a3:3f:a7:18:cf:d7:ad:d7:7d:b2:
74:4b:43:02:b4:83:a3:ce:f2:0e:b3:5b:1c:77:c3:
f5:d0:79:85:c3:c7:6b:80:7f:57:9c:93:f4:17:1a:
5d:80:b5:9c:8b:e2:d1:21:c7:2b:c7:2a:15:f3:62:
68:fc:e5:83:1e
04:a4:0a:d5:9a:20:50:eb:e9:24:79:bd:5f:b1:6b:
b2:e4:5b:64:65:eb:3c:b2:b1:ef:fe:42:3f:ab:e6:
cb:74:24:db:82:19:ef:0b:ab:80:ac:f2:6f:d7:05:
95:b6:1f:e4:76:0d:33:ee:d8:0d:d0:3d:2f:d0:df:
b2:7b:8c:e7:5c
ASN1 OID: prime256v1
NIST CURVE: P-256
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIEWdgBLm5vgESNBOze+qqQ2aDWDRD6cGWGC2rOOJELAOoAoGCCqGSM49
AwEHoUQDQgAEUrYAjqM/pxjP163XfbJ0S0MCtIOjzvIOs1scd8P10HmFw8drgH9X
nJP0FxpdgLWci+LRIccrxyoV82Jo/OWDHg==
MHcCAQEEIFxOQyDvJg+R7Z/Fl67pjII2tg4M7Wksx6BX1eRXmKBSoAoGCCqGSM49
AwEHoUQDQgAEpArVmiBQ6+kkeb1fsWuy5FtkZes8srHv/kI/q+bLdCTbghnvC6uA
rPJv1wWVth/kdg0z7tgN0D0v0N+ye4znXA==
-----END EC PRIVATE KEY-----

BIN
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_private.der
View file

Binary file not shown.

6
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_private.pem
View file

@ -1,5 +1,5 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIEWdgBLm5vgESNBOze+qqQ2aDWDRD6cGWGC2rOOJELAOoAoGCCqGSM49
AwEHoUQDQgAEUrYAjqM/pxjP163XfbJ0S0MCtIOjzvIOs1scd8P10HmFw8drgH9X
nJP0FxpdgLWci+LRIccrxyoV82Jo/OWDHg==
MHcCAQEEIFxOQyDvJg+R7Z/Fl67pjII2tg4M7Wksx6BX1eRXmKBSoAoGCCqGSM49
AwEHoUQDQgAEpArVmiBQ6+kkeb1fsWuy5FtkZes8srHv/kI/q+bLdCTbghnvC6uA
rPJv1wWVth/kdg0z7tgN0D0v0N+ye4znXA==
-----END EC PRIVATE KEY-----

8
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_private_enc.pem
View file

@ -1,8 +0,0 @@
-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,EA88103B4EDF248D
tfTA9oFyGvF0T7wGcd/yZLEJJpgm6IW4I5B9u5mJ4Bs8yX8ejn0RHz7oGa4Ny2mV
r8Mnz3zsOMHGloKJVZc5wbQCPwgeOIh+0m8hKTWFy9RvMsfgj+WnA6m/HgHz/Ng5
pj1XvrbS+RCEjTapVmFncnHn8vTUdMJn6UXjSMs6+9U=
-----END EC PRIVATE KEY-----

8
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_private_enc_aes128.pem Normal file
View file

@ -0,0 +1,8 @@
-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,288614CF0887BAE11B8B660C3CA24139
7Jy/LNIYkloV8x1LVRjy59phEtKrli8ySiFDf6nIBtAmt/WLoZijmCMJ7VTXVXNq
lyruBM2t4At/0EFI3CSQKxFvsnHDwHL9WYEDPC+gQ/Xy8j2JU0IAM+BuasjHAgXw
tq0sJUnRh+xNiI2FotEBC8S194M+lp3RkBZwoBlk3w0=
-----END EC PRIVATE KEY-----

8
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_private_enc_aes192.pem Normal file
View file

@ -0,0 +1,8 @@
-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-192-CBC,82AE4C810C9CF67736F256DEDFD6908E
gWOVzIDfiMQuIvOQ2m5BWQRWYL7DMb2Mbz4GO8ovBHMNOkMAdi0GhanI+dpQyjtw
V9zYBjbqtpMGzACusVYFxvkE9VOb1tj+QphG09Nv4/oUNXBdx1RDxrvntaB/Uskj
0zIDV/7D9esLIPTiBtwy62ZAc5Pxk88IG/Z2nGvJZMg=
-----END EC PRIVATE KEY-----

8
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_private_enc_aes256_gcm.pem Normal file
View file

@ -0,0 +1,8 @@
-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: id-aes256-GCM,4071BCFFB5B7CE18CEBFE901
oh6vdMD9bkUvRwtaBkYz6MMWCtjE2GvIKx+diG8XxzakcFzVIqXlDXfEcVIs6Vis
LFofIdBHElQxRUTnCCkb21pmly6v0ZLDugwMWNz6ichaie1gXqi+JwjPe2Ju5aro
UNeOPqFlVkCeEvHxE3eR1vqlDBLar9VwtA==
-----END EC PRIVATE KEY-----

8
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_private_enc_des3.pem Normal file
View file

@ -0,0 +1,8 @@
-----BEGIN EC PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,7E383189A0521324
GT+hvDACAQAq8mD20yQFuQo5Gfg3gPJbZSErmgtdMa5xRLzPEWFnP1yOfZFIgVhn
HKLNhgrfbNRh3Ij/DcC6gQ+/35Ts9r+4KLMP6qXuEEfQGTCRu0JQbbMCheN7iNM1
8ji47sMaVPJPLrBbD6bPcUl8Tfv0+Xiikvxia5NjqAE=
-----END EC PRIVATE KEY-----

BIN
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_private_p8.der
View file

Binary file not shown.

6
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_private_p8.pem Normal file
View file

@ -0,0 +1,6 @@
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIGwMBsGCSqGSIb3DQEFAzAOBAjtAa3UT6r2WAICCAAEgZA1MjDX/jkmLeNTlbCK
oDJPqo9OzHoZInlg4diuvId3uAPxyYnMuwTJvCSklOPXQLkgpYsYRF3YgNBuGAld
VQvWcbfwX1eQSqOx6FBCWJgXpWLhlI9qViRDYNQfyam8Xszq7tOdsOdJhSuA+YCt
5mBj57E8tUNLLR6P3lAUIM8WJBlxOWyR0EqdM5vcxYIzzTM=
-----END ENCRYPTED PRIVATE KEY-----

BIN
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_private_p8_clear.der
View file

Binary file not shown.

5
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_private_p8_clear.pem Normal file
View file

@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgXE5DIO8mD5Htn8WX
rumMgja2DgztaSzHoFfV5FeYoFKhRANCAASkCtWaIFDr6SR5vV+xa7LkW2Rl6zyy
se/+Qj+r5st0JNuCGe8Lq4Cs8m/XBZW2H+R2DTPu2A3QPS/Q37J7jOdc
-----END PRIVATE KEY-----

BIN
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_public.der
View file

Binary file not shown.

4
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_public.pem
View file

@ -1,4 +1,4 @@
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEUrYAjqM/pxjP163XfbJ0S0MCtIOj
zvIOs1scd8P10HmFw8drgH9XnJP0FxpdgLWci+LRIccrxyoV82Jo/OWDHg==
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEpArVmiBQ6+kkeb1fsWuy5FtkZes8
srHv/kI/q+bLdCTbghnvC6uArPJv1wWVth/kdg0z7tgN0D0v0N+ye4znXA==
-----END PUBLIC KEY-----

2
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_public_openssh.txt
View file

@ -1 +1 @@
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBFK2AI6jP6cYz9et132ydEtDArSDo87yDrNbHHfD9dB5hcPHa4B/V5yT9BcaXYC1nIvi0SHHK8cqFfNiaPzlgx4=
ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKQK1ZogUOvpJHm9X7FrsuRbZGXrPLKx7/5CP6vmy3Qk24IZ7wurgKzyb9cFlbYf5HYNM+7YDdA9L9DfsnuM51w=

BIN
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_x509.der
View file

Binary file not shown.

18
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/ecc_p256_x509.pem
View file

@ -1,11 +1,11 @@
-----BEGIN CERTIFICATE-----
MIIBjDCCATOgAwIBAgIJAPrO0O+wI55GMAoGCCqGSM49BAMCMCMxCzAJBgNVBAYT
AkdCMRQwEgYDVQQDDAtleGFtcGxlLmNvbTAeFw0xNjAxMjYxMDExMzVaFw0xNzAx
MjUxMDExMzVaMCMxCzAJBgNVBAYTAkdCMRQwEgYDVQQDDAtleGFtcGxlLmNvbTBZ
MBMGByqGSM49AgEGCCqGSM49AwEHA0IABFK2AI6jP6cYz9et132ydEtDArSDo87y
DrNbHHfD9dB5hcPHa4B/V5yT9BcaXYC1nIvi0SHHK8cqFfNiaPzlgx6jUDBOMB0G
A1UdDgQWBBThtRG8Ag+gEOOWZ+v5bced1kX42DAfBgNVHSMEGDAWgBThtRG8Ag+g
EOOWZ+v5bced1kX42DAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0cAMEQCIDCp
n1AKXf+jleMrvKB2eMYk5eoZQrfbK18gaFyfsUjSAiAOIDPP9mv9z5bKpwrWxLaW
kw+y4SnrXU4N0aHUWICFyA==
MIIBjTCCATOgAwIBAgIJAJtI7kH/tXlvMAoGCCqGSM49BAMCMCMxCzAJBgNVBAYT
AkdCMRQwEgYDVQQDDAtleGFtcGxlLmNvbTAeFw0xNjAxMzAwNjMyNTBaFw0xNzAx
MjkwNjMyNTBaMCMxCzAJBgNVBAYTAkdCMRQwEgYDVQQDDAtleGFtcGxlLmNvbTBZ
MBMGByqGSM49AgEGCCqGSM49AwEHA0IABKQK1ZogUOvpJHm9X7FrsuRbZGXrPLKx
7/5CP6vmy3Qk24IZ7wurgKzyb9cFlbYf5HYNM+7YDdA9L9DfsnuM51yjUDBOMB0G
A1UdDgQWBBSv2v+sOg8Z+VTAJk5ob4nDRS1+jjAfBgNVHSMEGDAWgBSv2v+sOg8Z
+VTAJk5ob4nDRS1+jjAMBgNVHRMEBTADAQH/MAoGCCqGSM49BAMCA0gAMEUCID3r
ARj3nfwBK4uE3BmlGKjaH5JR3e9iEac7BT93W6hOAiEAuNZxsvUpadoB4SqurLVg
lrdvw9wpYr8JTq7q2KUIQes=
-----END CERTIFICATE-----

9
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/gen_ecc_p256.sh
View file

@ -3,15 +3,22 @@
set -e
set -x
openssl version | tee openssl_version.txt
# Private key
openssl ecparam -name prime256v1 -genkey -noout -conv_form uncompressed -out ecc_p256_private.pem
openssl ec -in ecc_p256_private.pem -outform DER -out ecc_p256_private.der
openssl pkcs8 -in ecc_p256_private.der -inform DER -out ecc_p256_private_p8_clear.der -outform DER -nocrypt -topk8
openssl pkcs8 -in ecc_p256_private.der -inform DER -out ecc_p256_private_p8_clear.pem -outform PEM -nocrypt -topk8
openssl ec -in ecc_p256_private.pem -text -out ecc_p256.txt
# Encrypted private key
openssl pkcs8 -in ecc_p256_private.der -inform DER -passout 'pass:secret' -out ecc_p256_private_p8.der -outform DER -topk8
openssl ec -in ecc_p256_private.pem -des3 -out ecc_p256_private_enc.pem -passout 'pass:secret' -outform PEM
openssl pkcs8 -in ecc_p256_private.der -inform DER -passout 'pass:secret' -out ecc_p256_private_p8.pem -outform PEM -topk8
openssl ec -in ecc_p256_private.pem -des3 -out ecc_p256_private_enc_des3.pem -passout 'pass:secret' -outform PEM
openssl ec -in ecc_p256_private.pem -aes128 -out ecc_p256_private_enc_aes128.pem -passout 'pass:secret' -outform PEM
openssl ec -in ecc_p256_private.pem -aes192 -out ecc_p256_private_enc_aes192.pem -passout 'pass:secret' -outform PEM
openssl ec -in ecc_p256_private.pem -aes-256-gcm -out ecc_p256_private_enc_aes256_gcm.pem -passout 'pass:secret' -outform PEM
# Public key
openssl ec -in ecc_p256_private.pem -pubout -out ecc_p256_public.pem

1
lib/Crypto/SelfTest/PublicKey/test_vectors/ECC/openssl_version.txt Normal file
View file

@ -0,0 +1 @@
OpenSSL 1.0.2e-fips 3 Dec 2015

1
lib/Crypto/__init__.py
View file

@ -45,4 +45,3 @@ __all__ = ['Cipher', 'Hash', 'Protocol', 'PublicKey', 'Util', 'Signature',
'IO', 'Math']
version_info = (3, 4, "rc1")